<?php
/*
+--------------------------------------------------------------------------
|   Web: http://www.enbac.com 
|   Started date : 30/06/2008
+---------------------------------------------------------------------------
|   > Script written by Nova
+---------------------------------------------------------------------------
*/

if (eregi(basename( __FILE__ ), $_SERVER['PHP_SELF'])) {
	print "<h1>Incorrect access</h1>You cannot access this file directly.";
	exit();
}

class ajax_comment {
    	function playme()
    	{
    		$code = AZLib::getParam('code');
			switch($code){
				case 'home':
					$this->home();
					break;	
				case 'send_pm':
					$this->send_pm();
					break;
				case 'feedback':					
					$this->feedback();
					break;
				case 'del_comment':
					$this->del_comment();
					break;
				case 'del_comment_user':
					$this->fn_del_comment_user();
					break;	
				case 'get_more_comment':
					$this->get_more_comment();
					break;
				case 'display_feedback':
					$this->display_feedback();
					break;	
				default:
					$this->home();
					break;
			}
		}

function home(){
	global $display;
	die("Nothing to do...");
}

function send_pm(){
	if(User::is_login()){			
		$user_id   	= (int)Url::get('user_id');
		$title_pm  	= AZLib::getParam('title_pm');
		$content_pm = AZLib::cleanHtml(AZLib::getParam('content_pm'));
		
		
		if(!$user_id){		
			echo "false_send"; 
			exit();
		}	
		
		if(AZLib::isBlackList(User::id(),$user_id)){		
			echo "blacklist";
			exit();
		}
				
		if(User::id() == $user_id){
			echo "no_send_yourself"; 
			exit();
		}
		
		if($title_pm=='' || $title_pm=='Tiêu đề'){
			echo "no_title"; 
			exit();
		}
		elseif($content_pm==''){
			echo "no_content";
			exit();
		}																							
		$receiver_user = User::getUser($user_id);		
		$id_mess = AZLib::Send_pm(User::id(), User::user_name(), $receiver_user, $title_pm, $content_pm);																	
				
		if($id_mess){						
			echo "success";
			exit();
		}
		else{
			echo "false_send";
			exit();
		}											
	}
	else{
		echo "not_login"; 
		exit();
	}											
}

function feedback(){
	header("Content-type: application/xml");
			
	$pattern = '/^xe360/i';
	
	$content 			= trim(AZLib::getParam('content'));
	$comment_id			= (int)Url::get('comment_id',0);
	$sender_user_name 	= trim(AZLib::getParam('user_name'));
	$sender_email 		= trim(AZLib::getParam('sender_email'));
	$comment_row 		= array();
	
	if(isset($_COOKIE['setTimeOutComment'])){
		if(time()-$_COOKIE['setTimeOutComment']<=30){// 30 giay
			echo "<comments><content>time_out</content></comments>";
			exit();
		}
	}	
	else{
		AZLib::my_setcookie("setTimeOutComment", time(), 30 + TIME_NOW); // 30 giay
	}
	
	if(preg_match($pattern,$sender_user_name) || preg_match($pattern,$sender_email) || preg_match($pattern,$content)){	
		echo "<comments><content>bad_word</content></comments>";
		exit();
	}
	
	if(User::is_login()&&User::is_block()){
		echo "<comments><content>no_perm</content></comments>";
		exit();			
	}
	
	if($comment_id){
		$comment_row = DB::select('comment',"id=$comment_id");
		if(!$comment_row){ 	
			echo "<comments><content>no_perm</content></comments>";
			exit();
		}
		
		if(User::is_login() && $comment_row['sender_user_id'] == User::id()){//Không được trả lời cho chính mình!
			echo "<comments><content>no_perm</content></comments>";
			exit();
		}
		
		if(!$item = Item::get_item($comment_row['item_id'])){
			echo "<comments><content>no_perm</content></comments>";
			exit();
		}
	}
	else{
		$item_id  = (int)Url::get('item_id',0);
		if(!$item_id || !$item = Item::get_item($item_id)){
			echo "<comments><content>no_perm</content></comments>";
			exit();
		}
	}
	
	$item_memcache 	= $item;
	
	if(AZLib::isBlackList(User::id(),$item['user_id'])){		
		echo "<comments><content>blacklist</content></comments>";
		exit();
	}

	if(!User::is_login() && AZLib::checkBadWord($sender_user_name)){
		echo "<comments><content>bad_word</content></comments>";
		exit();
	}
	
	if($item["state"]==1 && !User::have_permit(ADMIN_ITEM)){
		echo "<comments><content>no_perm</content></comments>";
		exit();
	}
	
	$username = strtolower($sender_user_name);
	if(!User::is_login() && (strlen($username)<3 || strlen($sender_email)<3 || $username=='admin' || $username=='administrator' || $username=='moderator' || $username=='enbac')){
		echo "<comments><content>bad_word</content></comments>";
		exit();
	}
	
	if(AZLib::checkBadWord($content)){
		echo "<comments><content>bad_word</content></comments>";
		exit();
	}
			
	if(!User::is_login()){
		$captcha = AZLib::getParam('captcha');			
		if(!isset($_SESSION["enbac_validate"]) || $captcha=='' || $captcha != $_SESSION["enbac_validate"]){		
			echo "<comments><content>false_captcha</content></comments>";
			exit();
		}			
	}	
	
	$content 			= preg_replace( "/\n/", "<br />", $content);
	$content 			= str_replace('<br /><br />','&nbsp;',$content);
	
	$receiver_user_id 	= 0;
	$receiver_username 	= '';
	
	if($comment_id){
		if($comment_row['parent_id']){
			$receiver_user_id 	= $comment_row['sender_user_id'];
			$receiver_username 	= $comment_row['sender_user_name'];
			
			if($receiver_user_id)
				$content = '@<a href="'.WEB_DIR.$receiver_username.'" class="fast_reply_link" title="'.$receiver_username.'">'.$receiver_username.'</a>: '.$content;
			else
				$content = '<font color="#999">@<span style="text-decoration:underline">'.$receiver_username.'</span> </font>: '.$content;
				
			$parent_id 	= $comment_row['parent_id'];
		}
		else{
			
			
			$parent_id 	= $comment_row['id'];
		}
	}
	else{
		$parent_id = 0;
	}
	
	$user_item=User::getUser($item['user_id']);
	
	if($user_item){	
		if(User::id()){
			$sender_user_name = User::user_name();
		}
		else{// set guest cookie
			$week = 60 * 60 * 24 * 365 + TIME_NOW; 
			AZLib::my_setcookie("guest_name", $sender_user_name, $week);
			AZLib::my_setcookie("guest_email", $sender_email, $week);
		}
		
		$up_up_count='';
		if($content != ''){
			$comment = array(
								'content'			=>$content,
								'item_id'			=>$item['id'],
								'time'				=>TIME_NOW,
								'order_time'		=>TIME_NOW,
								'post_ip'			=>AZLib::ip(),
								'parent_id'			=>$parent_id,
								'receiver_user_id'	=>$item['user_id'],
								'receiver_user_name'=>$item['user_name'],
								'display'			=>1
								); 
								
			if(User::id()){
				if($item['user_id']==User::id()){//Chuyển trạng thái đã trả lời khi comment chính topic của mình!
					$comment['status']	= 1;
				}
				
				$comment['sender_user_id']	=User::id();
				$comment['sender_user_name']=User::user_name();
			}
			else{
				$comment['sender_user_id']	=0;
				$comment['sender_user_name']=$sender_user_name;
				$comment['sender_email']	=$sender_email;
			}
			
			if($comment_row && $comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id']){
				$comment['replied_user_id']		= $comment_row['sender_user_id'];
				$comment['replied_user_name'] 	= $comment_row['sender_user_name'];
			}
			elseif($comment_row && $comment_row['sender_user_id'] == $item['user_id']){
				$comment['replied_status'] = 1;
			}
			
			$id=DB::insert('comment',$comment);
				
			if ($id){
				if(!User::id()){
					AZLib::reload_captcha();
				}
				
				if ($parent_id){				
					$re = DB::query("SELECT id FROM comment WHERE item_id = {$item['id']} AND parent_id = $parent_id AND display = 1 ORDER BY id DESC LIMIT 3,1");				
					
					if($re){
						if($row = mysql_fetch_assoc($re)){
							if($row){
								DB::query("UPDATE comment SET display = 0 WHERE parent_id = $parent_id AND display = 1 AND id<={$row['id']}");										
							}
						}
					}
					
					if($comment_id==$parent_id){
						if(User::is_login() && $item['user_id'] == User::id())
							DB::query("UPDATE comment SET have_child = have_child + 1, order_time = ".time().", status=1 WHERE id = $parent_id");
						else
							DB::query("UPDATE comment SET have_child = have_child + 1, order_time = ".time()." WHERE id = $parent_id");
					}
					else{
						DB::query("UPDATE comment SET have_child = have_child + 1, order_time = ".time()." WHERE id = $parent_id");
					 	
						if(User::is_login() && $item['user_id'] == User::id()){
							DB::query("UPDATE comment SET status=1 WHERE id = $comment_id");
							//Cập nhật đã đọc - trả lời cho feed
							DB::query("UPDATE feed SET status = 1 WHERE ref_id = $comment_id AND type=1");
					 	}
					}
					
					if(User::is_login()){//Nếu là thành viên
						//Cập nhật lại replied_status nếu chưa được check!
						if($item['user_id'] != User::id() && $comment_row['replied_user_id'] == User::id() && $comment_row['replied_status'] == 0){
							DB::query("UPDATE comment SET replied_status=1 WHERE id = $comment_id");
							//Cập nhật đã đọc - trả lời cho feed
							DB::query("UPDATE feed SET status = 1 WHERE ref_id = $comment_id AND type=2");
							
							//Cập nhật comment mới cho chính mình
							DB::query('UPDATE user SET total_new_comment = total_new_comment - 1 WHERE id='.User::id().' AND total_new_comment>0');
							User::getUser(User::id(),0,1);
						}
						
						if($item['user_id'] != User::id()){//Nếu ko fải giao dịch của mình
							//Cập nhật comment mới cho chủ topic
							DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id='.$item['user_id']);
							User::getUser($item['user_id'],0,1);
						}
						elseif ($comment_row && $comment_row['status']==0){
							//Cập nhật comment mới cho chính mình
							DB::query('UPDATE user SET total_new_comment = total_new_comment - 1 WHERE id='.User::id().' AND total_new_comment>0');
							User::getUser(User::id(),0,1);
						}
						
						//Cập nhật comment mới cho người có comment được trả lời
						if($comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id'] && $comment_row['sender_user_id'] != User::id() && $comment_row['sender_user_id'] != $item['user_id']){//Nếu trả lời comment cho 1 người nào đó ko fải chủ topic
							DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id='.$comment_row['sender_user_id']);
							User::getUser($comment_row['sender_user_id'],0,1);
						}
					}
					else{//Nếu là khách vãng lai
						//Cập nhật comment mới cho chủ topic
						DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id='.$item['user_id']);
						User::getUser($item['user_id'],0,1);
						
						//Cập nhật comment mới cho người có comment được trả lời
						if($comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id'] && $comment_row['sender_user_id'] != $item['user_id']){//Nếu trả lời comment cho 1 người nào đó ko fải chủ topic
							DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id='.$comment_row['sender_user_id']);
							User::getUser($comment_row['sender_user_id'],0,1);
						}	
					}
				}
			}
			
			$total_feedback = DB::count('comment',"item_id={$item['id']}");
			
			$up_up_count = '<up_count>';
			$up_up_count.= $user_item['up_item'];
			
			
			DB::update_id('item',array('reply_count'=>$total_feedback),$item['id']);
			
			if(MEMCACHE_ON){
				$item_memcache['reply_count'] = $total_feedback;
				AZMemcache::do_put("item:{$item['id']}",$item_memcache);
			}
			
			$up_up_count.= '</up_count>';
			
			//Cập nhật cron job
			if($user_item && $user_item['email'] && $user_item['email_alert'] && $user_item['id']!=User::id()){								
				if(User::id()){		
					$sender_email = '';
				}		
				$link = WEB_ROOT.AZRewrite::formatUrl('?page=item_detail&id='.$item['id'].'&ebname='.AZLib::safe_title($item['name']));
				$title = "<a href='$link' target='_blank' style='text-decoration:none;color:#003399;'><font color='#003399'>{$item['name']}</font></a>";
					  
				AZLib::addCronJob('item_comment',AZLib::parseBBCode($content,true),$user_item['id'],User::id()?User::user_name():$sender_user_name,$sender_email,$item['id'],$title,$link);
			}
		}
		else{
			$id = 0;
		}

		$time = date('H:i - d/m');

		$xml = "<comments><content><![CDATA[".AZLib::parseBBCode($content)."]]></content><post_time>".date('H:i')."</post_time>";

		$action = 'item_comment';
		
		if(User::id() != $item['user_id']){
			require_once ROOT_PATH.'includes/enbac/comment.php';
			Comment::addNewComment($item['user_id']);
		}	
		
		$xml.= $up_up_count."<id>".($id%3)."</id></comments>";
		//del cache html
		
		
		$caheFile='fb_'.$item['id'];
		StaticCache::delCache($caheFile);
			
		echo $xml;
		System::halt();
	}
}

	function del_comment(){
		if(!User::is_login() || User::is_block()){
			echo "not_perm";
			exit();
		}
		$id=(int)Url::get("id");
		
		if($id){
			
			$comment = DB::fetch("SELECT item_id,sender_user_id,display,receiver_user_id,have_child,parent_id FROM comment WHERE id=$id");
			/*$current_user = User::$current->data;
			if($current_user['up_item'] == 0){
				echo "not_up_item";
				exit();
			}*/
			if(User::have_permit(ADMIN_ITEM) || (User::id()==$comment['receiver_user_id'] && $comment['sender_user_id'] == 0)){
				if(DB::delete('comment','id='. $id)){
					if ($comment['have_child']>0){
						DB::delete('comment','parent_id='.$id);
						
					}
					
					if ($comment['item_id'] > 0){
						$item_id = $comment['item_id'];
						if ($comment['parent_id']>0){
							DB::query('UPDATE 	comment
								   SET 		have_child = have_child-1
								   WHERE 	id='.$comment['parent_id'].' ');
							if ($comment['display']==1){
									DB::query('UPDATE comment SET display = 1 where item_id = '.$comment['item_id'].' AND parent_id = '.$comment['parent_id'].' AND display = 0 order by id DESC limit 1');
							}
							
						}
						
						if($item_id){		
							$item 			= Item::get_item($item_id);
							$item_memcache 	= $item;
							
							if($item){		
								$item_memcache['reply_count'] = $item['reply_count'] - (1+$comment['have_child']);
								if(MEMCACHE_ON){
									AZMemcache::do_put("item:$item_id",$item_memcache);
								}
								
								DB::query('UPDATE item SET reply_count = '.$item_memcache['reply_count'].' WHERE 	id="'.$comment['item_id'].'" ');
							}
						}
					}
					//del cache html
		
					$caheFile='fb_'.$item['id'];
					StaticCache::delCache($caheFile);
					/*if(!User::have_permit(ADMIN_ITEM)){
						DB::query('UPDATE user set up_item = up_item-1 WHERE id='.$comment['receiver_user_id'].' AND up_item>0');// tru luot up
						User::getUser($comment['receiver_user_id'],0,1);
					}*/
					echo AZLib::getParam('id');
					exit();
				}
				else{
					
					echo "unsuccess";
					exit(); 
				}	
			}else{
				echo "not_perm";
				exit();
			}
			
		}else{
			echo "not_perm";
			exit();
		}
		
	}
	
	function fn_del_comment_user(){
		$id = (int)Url::get('id');
		
		if(!$id || User::is_block() || !User::have_permit(ADMIN_ITEM)){
			echo "not_perm";
			exit();
		}
		
		$sql = "SELECT sender_user_id,receiver_user_id,status FROM comment_user WHERE id=$id";		
		$comment  = DB::fetch($sql);
		
		if($comment && DB::delete('comment_user',"id=$id")){				
			//Xoá feed
			DB::query("DELETE FROM feed WHERE ref_id = $id AND type=3");
				
			if($comment['status']==0){
				DB::query('UPDATE user set total_comment_user = total_comment_user-1 WHERE id='.$comment['receiver_user_id'].' AND total_comment_user>0');// so luu but
				User::getUser($comment['receiver_user_id'],0,1);
			}
					
			echo AZLib::getParam('id');
			exit();
		}
		else{
			
			echo "unsuccess";
			exit(); 
		}	
	}
		
	function get_more_comment() {
		$parent_id  	= AZLib::getParam('comment_id');
		$item_user_name = AZLib::getParam('item_user_name');
		$item_id  		= AZLib::getParam('item_id');
		$cat_id  		= AZLib::getParam('cat_id');
		$guest_email  	= AZLib::getParam('guest_email');
		$guest_name 	= AZLib::getParam('guest_name');
		
		//$cur_id  		= AZLib::getParam('cur_id',0);
		$cur_id  		= User::id();
		$item_user_id  	= AZLib::getParam('user_id');

		$show_guest_email = (User::have_cat_permit($cat_id) || User::id()==$item_user_id);
		
		$sql = 'SELECT `comment`.`id`, `time`, `content`, `item_id`, `sender_email`, `sender_user_name`, user.img_server, `receiver_user_name`,`sender_user_id`, `receiver_user_id`, `parent_id`, `have_child`, user.avatar_url, user.id as user_id, user.gids, user.block_time FROM `comment` LEFT JOIN `user` ON user.id=comment.sender_user_id
					WHERE `comment`.`parent_id` ='.$parent_id.' AND `comment`.`display`=0 ORDER BY time DESC LIMIT 0,100';		
		$re = DB::query($sql);
		
		$i = 0;
		$result = ''; 
		$str_user_id = '';
		while ($item=mysql_fetch_assoc($re)){
			$item['index'] = $i;
			$i++;
			
			if($item['block_time']>TIME_NOW){
				$item['is_block'] = 1;
			}else 
			{
				$item['is_block'] = 0;
			}
			
			$str_user_id .= ($str_user_id!=''?',':'').$item['sender_user_id'];
													
			//set quyen quan tri
			if($item['gids']){
				$is_admin_mod = CGlobal::$group[User::check_admin($item['gids'])];
			}else{
				$is_admin_mod = array();
			}									
			$item['is_admin_mod'] = $is_admin_mod;
			if((TIME_NOW - $item['time']) < (24*3600)){
				$time_left = TIME_NOW - $item['time'];
				$hour = floor($time_left/3600);
				$day = '';
				
				$minute = floor(($time_left%3600)/60).' phút';
				$time_left = ($hour?$hour.' giờ ':'').$minute;
				
				if($time_left == 0){
					$time_left = 'Vài giây';			
				}
				
				$item['created_time'] = $time_left.' trước';
			}elseif (date('Y') != date('Y',$item['time']))
				$item['created_time'] = date('H:i | d.m.Y',$item['time']);
			else 
				$item['created_time'] = date('H:i | d.m',$item['time']);
			
			$item['content'] = AZLib::parseBBCode($item['content']);
			
			if ($item['sender_user_id']){
				$item['sender_link'] = Url::build('shop',array('user_name'=>$item['sender_user_name']));
			}
			else{
				$item['sender_link'] = '';
			}
			
			$item['URL_badcontent'] = Url::build('item_detail',array('id'=>Url::get('id'),'ctype'=>'comment','id_comment'=>$item['id']));	
			
			$result .= '<tr id="'.$item['id'].'"';
			
			//if($item['user_id']!=$cur_id &&  $item['sender_user_id']!=0)
			{
				$result .= ' onmouseover="show_hide_menu('.$item['id'].')" onmouseout="show_hide_menu('.$item['id'].')" ';
			}
			
			$result .= '><td width="28" align="right" valign="top"><div style="height:5px"><span></span></div>';
			
			if($item['sender_user_id'] == 0){
				if($item['id']%3 == 0){
					$item['sender_avatar_url'] = 'style/images/avatar_01.gif';
				}
				elseif($item['id']%3 == 1){
					$item['sender_avatar_url'] = 'style/images/avatar_02.gif';
				}
				else{
					$item['sender_avatar_url'] = 'style/images/avatar_03.gif';
				}
				$html_content='';
				$result .= '<div class="feedbackAvatarSub" id="avatar_content_'.$item['user_id'].'"><img src="'.$item['sender_avatar_url'].'" width="25" height="25" /></div>';
			}
			else{
				
				if($item['avatar_url']){
					$item['sender_avatar_url'] = AZLib::getImageThumb($item['avatar_url'],60,0,1,$item['img_server']);
					if ($item['parent_id'] > 0){
						$html_content = '<a href="'.$item['sender_link'].'"><img src="'.$item['sender_avatar_url'].'" width="25"/></a>';
					}else{
						$html_content = '<a href="'.$item['sender_link'].'"><img src="'.$item['sender_avatar_url'].'" width="50"/></a>';
					}
				}
				else{
					$item['sender_avatar_url'] = '';
					if ($item['parent_id'] > 0){
						$html_content = '<a href="'.$item['sender_link'].'"><img src="style/images/50x50.gif" width="25" height="25" /></a>';
					}else{
						$html_content = '<a href="'.$item['sender_link'].'"><img src="style/images/50x50.gif" width="50" height="50" /></a>';
					}
				}
				
				$result .= '<div class="profile_load"  id="c'.$item['id'].'" lang="'.$item['user_id'].'"><div class="feedbackAvatarSub" ';
				$result .= ' id="avatar_content_'.$item['user_id'].'"><div class="bubbleInfo" id="info_'.$item['id'].'" lang="'.$item['user_id'].'"><div class="commentAva trigger">'.$html_content.'</div><!-- BEGIN POPUP MENU --><div class="popup" style="text-align: left;"><div id="show_mini_profile_c'.$item['id'].'" style="display:none;"></div><div id="hide_mini_profile_c'.$item['id'].'"><div class="contentPop" style="background-color:#fff"><div style="margin:4px;"><div class="blastTopLeft"><div class="blastTopRight"><div class="blastTopbg"><span></span></div></div></div><div class="blast"><img src="style/images/ajax-loader4.gif" width="62" height="13" /></div><div class="blastBottomLeft"><div class="blastBottomRight"><div class="blastBottombg"><span></span></div></div></div></div></div></div></div><!--END POPUP MENU --></div></div></div>';
				
			}
             $result .= '</td><td valign="top"><div class="contentFeedback" align="left"><div ';
			if (isset($item['is_admin_mod']['id']) && ($item['is_admin_mod']['id'] == 9 || $item['is_admin_mod']['id']==1))
				$result .= ' class="topFeedback_admin" ';
			elseif (isset($item['is_admin_mod']['id']) && ($item['is_admin_mod']['id'] == 2 || $item['is_admin_mod']['id'] == 3))
				$result .= ' class="topFeedback_mod" ';
			elseif ($item['sender_user_name'] ==$item_user_name)
				$result .= ' class="topFeedbackSelf" ';
			else $result .= ' class="topFeedback"';
			
			$result .= ' >'; 
			
			if ($item['sender_user_id'] == 0){		 
				$result .= ' <span class="guest_name">'.$item['sender_user_name'];
				$result .= ($show_guest_email)?'<a href="mailto:'.$item['sender_email'].'" title="Gửi e-mail cho người dùng này!"><img src="style/images/comment_email/email.gif" border="0" width="15" height="11"/></a>':'';
				$result .= '</span>';
			}	
			else{
				$result .= ' <a ';
				$result .= ($item['is_block'] == 1)?' title="Đang bị khóa nick" ':' ';
				$result .= ($item['is_admin_mod'])?' title="'.$item['is_admin_mod']['des'].'" ':' ';
				$result .= '  href="'.WEB_DIR.$item['sender_user_name'].'">';
				$result .= ($item['is_block'] == 1)?' <s><i> ':' ';
				$result .= $item['sender_user_name'];
				$result .= ($item['is_block'] == 1)?' </i></s> ':' ';
				$result .= '</a>';
			}	
			$result .= ' <span class="fb_time">'.$item['created_time'].'</span> ';
			$result .=	'<div class="floatRight" style="margin-top:-12px; height:16px"><div id="show_menu_'.$item['id'].'" style="display:none">';
			
			if ($item['user_id']!=$cur_id && $item['sender_user_id']!=0){
				$result .= ' <span class="send_pm_fb" onclick="fn_send_pm_fb('.$item['user_id'].',\''.$item['sender_user_name'].'\');" id="'.$item['user_id'].'-'.$item['sender_user_name'].'" style="margin-left:5px"><a href="javascript: void(0)">gửi tin nhắn </a></span>|<span class="send_fb"><a href="'.WEB_DIR.AZRewrite::formatUrl('?page=shop&user_name='.$item['sender_user_name'].'&mode=comment').'">viết lưu bút</a></span> ';
				if (($item && $item['sender_user_id']==0 && $cur_id==$item['receiver_user_id']) || User::have_permit(ADMIN_ITEM)){				 
					$result .= ' | ';
				}
			}
			
			if (($item && $item['sender_user_id']==0 && $cur_id==$item['receiver_user_id']) || User::have_permit(ADMIN_ITEM)){				 
				$result .= '<span onclick="fn_click_del_comment_aj('.$item['id'].','.$item_id.')" id="'.$item['id'].'|'.$item_id.'"><a href="javascript:void()"><img src="style/images/icon_delete.gif" width="9" height="9" /></a></span>';
			}
			$result .='</div></div><div style="clear:both"><span></span></div>';
			
							 
			$result .= ' </div> <div align="center" id="mess_success_'.$item['id'].'" style="display:none" class="mess_success"></div> <div class="detailFeedback" align="left"  style="width:485px; overflow:hidden">'.$item['content'].'</div> ';
			
			if ($item['user_id']!=$cur_id ){				                 
				$result .= '<div id="reply_'.$item['id'].'" ><div  class="btn_fast_reply" onmouseout="if(this.className==\'btn_fast_reply_hover\')this.className=\'btn_fast_reply\'" onmouseover="if(this.className==\'btn_fast_reply\')this.className=\'btn_fast_reply_hover\'" style="float:right" onclick="show_box_reply('.$item['id'].','.$item['parent_id'].',\''.$guest_name.'\',\''.$guest_email.'\',\''.$item['sender_user_name'].'\','.$item['sender_user_id'].'); return true;">trả lời</div></div>';
				$result .= ' <div style="clear:right" id="box_reply_'.$item['id'].'"></div>';
			}
			
			$result .= '</div></td></tr><tr id="space_'.$item['id'].'"><td height="1" colspan="2"><div style="height:1px; margin:5px 0; background-color:#fff"><span></span></div></td></tr>';
			$result .= '</tr>';
		}
		echo($result);
		System::halt();
		
	}
	function display_feedback() {
		global $display;
		$show_all = Url::get('show_all',0);
		Item::$id = (int)Url::get('id',0);
		Item::$item = Item::get_item(Item::$id);
		
		if(Item::$item){
			if(!isset(Item::$item['display'])){
				Item::$item['display']=1;
				if(isset(Item::$item['id'])){
					//Check trạng thái tin và quyền thao tác:
					if(Item::$item['status']!=1){//Tin không được kiểm duyệt
						//Nếu tin chưa được kiểm duyệt ,chỉ admin hoặc chủ tin được xem!
						if(Item::$item['status']==2){
							if(User::id()!=Item::$item['user_id'] && !User::have_permit(ADMIN_ITEM) && !User::have_cat_permit(Item::$item['category_id'])){
								Item::$item['display']=0;
							}
						}
						else				
						//Nếu tin ở trạng thái xóa
						if(Item::$item['status']==-1){
							if(!User::have_permit(ADMIN_ITEM)){
								Item::$item['display']=0;//Url::access_denied();
							}
						}
						
						//Nếu tin bị ẩn ,chỉ admin được xem!
						if(Item::$item['status']==0){
							if(!User::is_admin()){
								Item::$item['display']=0;//Url::access_denied();
							}
						}
					}
				}
			}
			
			
			if (Item::$item['display']){
				if($show_all){
					$this->get_all_comment();
				}			
				else{
					if(StaticCache::notExistCache('fb_'.Item::$id,0)){
						StaticCache::startCache();
						$this->get_all_comment();
						StaticCache::endCache();
					}
				}
			}
		}
	}
	
	function get_all_comment(){
		global $display;	
		
		$winner = array();
		
		global $user_id_arr,$stt,$item_per_page;
		
		$stt 		  	= 0;
		$is_admin_mod 	= array();
		$user_arr 	  	= array();
		$user_id_arr  	= array();
		$items 		  	= array();
		
		$limit			= '';
		$divID			= 'comment_list';
		$cmd			= 'pagging_comment';
		$url_path		= WEB_DIR."ajax.php?act=comment&code=display_feedback&show_all=1&id=".Item::$id."&cmd=".$cmd;
		$item_per_page 	= 25;
		
		if((Url::get('show_all')) || (Url::get('cmd') == $cmd)){
			
			$display->add('show_all',true);
			
		}
		else{
			$display->add('show_all',false);
			
		}
		
		$pagging	= AZPagging::fb_pagging($limit,$item_per_page,true,'fb_page',$url_path,$divID);
		$sql 		= "SELECT id, time, content, item_id, sender_email, sender_user_name, sender_user_id, have_child,receiver_user_id FROM comment WHERE item_id=".Item::$item['id']." AND parent_id = 0 ORDER BY order_time DESC $limit";
		$items_all 	= $this->get_comment($sql);
		
		
		if ($items_all){
			$items = $items_all['item'];
			if ($items_all['id_parent']){
				$sql_sub = "SELECT id, time, content, item_id, sender_email, sender_user_name, sender_user_id,parent_id,receiver_user_id FROM comment WHERE parent_id IN({$items_all['id_parent']}) AND display =1 ORDER BY order_time DESC";
					
				$subComment_all = $this->get_comment($sql_sub,1);
				if($subComment_all)	{
					$sub_comments = $subComment_all['item'];	
					
					foreach ($sub_comments as $id=>$subs){
						if (isset($items[$id])){
							$items[$id]['sub_comment']=$subs;
						}
					}
				}
			}
			unset($items_all);
			unset($subComment_all);
		}
		
		if($stt<=$item_per_page){
			$pagging	= AZPagging::fb_pagging($limit,$item_per_page,false,'fb_page',$url_path,$divID);
			$display->add('show_fb_page',false);
		}
		else{
			$display->add('show_fb_page',true);
		}

		if($user_id_arr){
			$uid = implode(',',$user_id_arr);
			if($uid!=''){
				$re = DB::query("SELECT id, avatar_url, gids, block_time, img_server FROM user WHERE id IN($uid)");
				if($re){
					while ($user = mysql_fetch_assoc($re)){
						$user_arr[$user['id']] = $user;
					}
				}
			}
		}
		if($items && $user_arr){
			foreach ($items as &$item){

                //add by nhatvt
                $item['content'] = $this->process_description($item['content']);
//                echo $item['content'];exit;
                //end
				if(isset($item['sub_comment']) && $item['sub_comment']){
					foreach ($item['sub_comment'] as &$sub_item){
						if($sub_item['sender_user_id']){
							if(isset($user_arr[$sub_item['sender_user_id']])){
								$sub_item['avatar_url'] = $user_arr[$sub_item['sender_user_id']]['avatar_url'];
								$sub_item['block_time'] = $user_arr[$sub_item['sender_user_id']]['block_time'];
								$sub_item['gids'] 		= $user_arr[$sub_item['sender_user_id']]['gids'];
								$sub_item['img_server'] = $user_arr[$sub_item['sender_user_id']]['img_server'];
							}
							
							if($sub_item['avatar_url']){
								$sub_item['sender_avatar_url'] = AZLib::getImageThumb($sub_item['avatar_url'],60,0,1,$sub_item['img_server']);
								if ($sub_item['parent_id'] > 0){
									$html_content = '<a href="'.$sub_item['sender_link'].'"><img src="'.$sub_item['sender_avatar_url'].'" width="25" class="lazyload"/></a>';
								}else{
									$html_content = '<a href="'.$sub_item['sender_link'].'"><img src="'.$sub_item['sender_avatar_url'].'" width="50" class="lazyload"/></a>';
								}
							}
							else{
								$sub_item['sender_avatar_url'] = '';
								$html_content = '<a href="'.$sub_item['sender_link'].'"><img src="style/images/50x50.gif" width="25" height="25" class="lazyload"/></a>';
							}
							
							if($sub_item['block_time']>TIME_NOW){
								$sub_item['is_block'] = 1;
							}
							else{
								$sub_item['is_block'] = 0;
							}
							
							$sub_item['htmlContent'] = $html_content;
							
							//set quyen quan tri
							if($sub_item['gids']){
								$is_admin_mod = CGlobal::$group[User::check_admin($sub_item['gids'])];
							}else{
								$is_admin_mod = array();
							}									
							$sub_item['is_admin_mod'] = $is_admin_mod;
						}
					}
				}
				
				if($item['sender_user_id']){
					if(isset($user_arr[$item['sender_user_id']])){
						$item['avatar_url'] = $user_arr[$item['sender_user_id']]['avatar_url'];
						$item['block_time'] = $user_arr[$item['sender_user_id']]['block_time'];
						$item['gids'] 		= $user_arr[$item['sender_user_id']]['gids'];
						$item['img_server'] 		= $user_arr[$item['sender_user_id']]['img_server'];
					}
					
					if($item['avatar_url']){
						$item['sender_avatar_url'] = AZLib::getImageThumb($item['avatar_url'],60,0,1,$item['img_server']);
						$html_content = '<a href="'.$item['sender_link'].'"><img src="'.$item['sender_avatar_url'].'" width="50"/></a>';
					}
					else{
						$item['sender_avatar_url'] = '';
						$html_content = '<a href="'.$item['sender_link'].'"><img src="style/images/50x50.gif" width="50" height="50" /></a>';
					}
					$item['htmlContent'] = $html_content;
					
					if($item['block_time']>TIME_NOW){
						$item['is_block'] = 1;
						
					}
					else{
						$item['is_block'] = 0;
					}
					
					//set quyen quan tri
					if($item['gids']){
						$is_admin_mod = CGlobal::$group[User::check_admin($item['gids'])];
					}else{
						$is_admin_mod = array();
					}									
					$item['is_admin_mod'] = $is_admin_mod;
				}
			}
		}
		if(User::is_login() && Item::$item['user_id']==User::id()){
			$user = User::$current->data;
		}
		else{
			if(isset(Item::$item['user_id'])){
				$user = User::getUser(Item::$item['user_id']);
			}
			
			if(!$user){
				$user = array('id' => 0,'user_name' => '','create_time' => '','blast' => '','email' => '','show_email' => '','skype_id' => '','yahoo_id' => '');
			}
		}
		if(User::is_login()){
			if(User::$current->data['mobile_phone']<>''){
				$display->add('user_phone',true);
				$user_phone = User::$current->data['mobile_phone'];
			}
			elseif(User::$current->data['home_phone']<>''){
				$display->add('user_phone',true);
				$user_phone = User::$current->data['home_phone'];
			}
			else{
				$display->add('user_phone',false);
				$user_phone =  '';
			}
			$display->add('cur_user_name', User::$current->data['user_name']);
			$display->add('cur_created_time', User::$current->data['create_time']);
			$cur_user_name =  User::$current->data['user_name'];
			$cur_created_time =  User::$current->data['create_time'];
			
			if(User::$current->data['avatar_url']==''){
				$cur_avatar_url = 'style/images/50x50.gif';
			}
			else{
				$cur_avatar_url = AZLib::getImageThumb(User::$current->data['avatar_url'],60,0,1,User::$current->data['img_server']);		
			}					
		}
		else{
			$cur_user_name 		=  '';
			$cur_created_time 	=  '';
			$user_phone 		= '';
			$cur_avatar_url 	=  'style/images/50x50.gif';
			$display->add('cur_user_name', '');
			$display->add('cur_created_time', '');
			$display->add('check_user_name','');
			$display->add('user_phone',false);
		}			
		$guest_name = 'Số điện thoại';
		$guest_email = 'Email';	
		if(isset($_COOKIE['guest_name'])){
			if($_COOKIE['guest_name'] == 'undefined' || $_COOKIE['guest_email'] == 'undefined'){
				$guest_name = 'Số điện thoại';
				$guest_email = 'Email';
			}
			else{
				$guest_name = $_COOKIE['guest_name'];
				$guest_email = $_COOKIE['guest_email'];
			}
		}
		$display->add('cur_user_name',$cur_user_name);
		$display->add('guest_name',$guest_name);
		$display->add('guest_email',$guest_email);
		
		$display->add('check_user_name',$user['user_name']);
		$display->add('cur_id',(int)User::id());		
		//$display->add('msg',$this->showFormErrorMessages(1));
		$display->add('pagging',$pagging);
		$display->add('item_comments',$items);

		$display->add('item_id',Item::$item['id']);
		$display->add('category_id',Item::$item['category_id']);
		
		$display->add('item_name', Item::$item['name']);
					
		//rewrite URL
		$display->add('name_url', AZLib::safe_title(Item::$item['name']));				
		//End rewrite URL
		
		
		Item::$item['currency_id'] = 1;
		$display->add('currency_id',CGlobal::$currency[Item::$item['currency_id']]);
		
		$display->add('total_feedback',Item::$item['reply_count']);
		
		if((strtolower(Url::get('page')) == 'allfeedback') || (Url::get('cmd') == $cmd)){
			echo '<div id="totalReplyCount" style="display:none;">'.Item::$item['reply_count'].'</div>';
		}			
		//echo AZLib::parseBBCode($display->output('AllFeedback',true));
		$display->output('AllFeedbackList',false,'AllFeedback');
	}
	
	function get_comment($sql,$sub = 0){
		global $user_id_arr,$stt,$item_per_page;
		$re = DB::query($sql);
		$items = array();
		
		$id_parent = '';

		while ($item=mysql_fetch_assoc($re)){
			if($sub == 0){
				$stt++;
			}
			if($sub || ($sub == 0 && $stt<=$item_per_page)){
				
				//$item['created_time'] = AZLib::duration_time($item['time']);
				$item['created_time'] =  date('H:i | d.m.Y',$item['time']);
				
				if ($item['sender_user_id']){
					$item['sender_link'] = Url::build('shop',array('user_name'=>$item['sender_user_name']));
				}
				else{
					$item['sender_link'] = '';
				}
				
				
				
				if($item['sender_user_id']){
					$item['user_id'] = $item['sender_user_id'];
					
					if(!in_array($item['sender_user_id'],$user_id_arr)){
						$user_id_arr[$item['sender_user_id']]=$item['sender_user_id'];
					}
				}
				else{
					$item['user_id'] = 0;
					
					if($item['id']%3 == 0){
						$item['sender_avatar_url'] = 'style/images/avatar_01.gif';
					}
					elseif($item['id']%3 == 1){
						$item['sender_avatar_url'] = 'style/images/avatar_02.gif';
					}
					else{
						$item['sender_avatar_url'] = 'style/images/avatar_03.gif';
					}
					$html_content='';
					
					
					$item['is_block'] = 0;
					$item['is_admin_mod'] = array();
				}
				
				$item['content'] = AZLib::parseBBCode($item['content']);
				
				$item['URL_badcontent'] = Url::build('item_detail',array('id'=>Url::get('id'),'ctype'=>'comment','id_comment'=>$item['id']));	
				
				
				if($sub){
					$items['item'][$item['parent_id']][$item['id']]=$item;
				}
				else{
					if ($item['have_child'] > 0){
						$id_parent .= ($id_parent?',':'').$item['id'];
					}
					
					$items['item'][$item['id']]=$item;
				}
				$items['id_parent']=$id_parent;
			}
		}
			
		return $items;
	}

    //add by nhatvt
    function filter_link($link,$text){
		if($text=AZLib::trimSpace(AZLib::plainText($text))){
			$text=AZLib::strippedLink($text);
			if(strpos($link,'http://enbac.com')===0 || strpos($link,'http://www.enbac.com')===0 || strpos($link,'enbac.com')===0 || strpos($link,'http://')===false){
				return "<a href=\"$link\" target=\"_blank\">$text</a>";
			}else if(strpos($link,'http://blog.enbac.com')===0 || strpos($link,'blog.enbac.com')===0 || strpos($link,'http://')===false){
                return "<a href=\"$link\" target=\"_blank\">$text</a>";
            }else if(strpos($link,'http://help.enbac.com')===0 || strpos($link,'help.enbac.com')===0 || strpos($link,'http://')===false){
                return "<a href=\"$link\" target=\"_blank\">$text</a>";
            }
			return "<a href=\"#\" rel=\"nofollow\" target=\"_blank\">...</a>";
		}
		return '';
	}

    function process_description($content)
	{
        $content = preg_replace('/<a[\s]*(.*)[\s]*href=[\'"](.*)[\'"][\s]*[^>]*[\s]*>(.*)<\/a>/eisU', "\$this->filter_link('$2','$3')", $content);

        return $content;
	}
}//class
?>